CVE-2018-1108 (retired)

kernel drivers before version 4.17-rc1 are vulnerable to a weakness in theLinux kernel's implementation of random seed data. Programs, early in theboot sequence, could use the data allocated for the seed before it wassufficiently generated.

Ubuntu-Description

Jann Horn discovered that the Linux kernel's implementation of random seeddata reported that it was in a ready state before it had gatheredsufficient entropy. An attacker could use this to expose sensitiveinformation.